nanopathi

58 exploits Active since Jun 2020
CVE-2020-0453 NOMISEC MEDIUM WORKING POC
Android 8.0-9 - Local Information Disclosure via Unsafe PendingIntent in BeamTransferManager
In updateNotification of BeamTransferManager.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-8.0, Android-8.1; Android ID: A-159060474.
CVSS 5.5
CVE-2020-0451 NOMISEC HIGH WORKING POC
Android - Remote Code Execution via Heap Buffer Overflow in sbrdecoder.cpp
In sbrDecoder_AssignQmfChannels2SbrChannels of sbrdecoder.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10, Android-11, Android-9, Android-8.0, Android-8.1; Android ID: A-158762825.
CVSS 8.8
CVE-2020-0471 NOMISEC CRITICAL WORKING POC
Android 8.0-11 - Remote Privilege Escalation via Bluetooth Packet Injection
In reassemble_and_dispatch of packet_fragmenter.cc, there is a possible way to inject packets into an encrypted Bluetooth connection due to improper input validation. This could lead to remote escalation of privilege between two Bluetooth devices by a proximal attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.0, Android-8.1, Android-9, Android-10, Android-11; Android ID: A-169327567.
CVSS 9.8
CVE-2020-0421 NOMISEC HIGH WORKING POC
Android 8.0-11 - Local Privilege Escalation via String8.cpp Error Handling
In appendFormatV of String8.cpp, there is a possible out of bounds write due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-161894517.
CVSS 7.8
CVE-2020-0137 NOMISEC HIGH WORKING POC
Android 10 - Missing Authorization in NetworkManagementService
In setIPv6AddrGenMode of NetworkManagementService.java, there is a possible bypass of networking permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10; Android ID: A-141920289.
CVSS 7.8
CVE-2020-0409 NOMISEC HIGH WORKING POC
Android - Integer Overflow to Out-of-Bounds Write in FileMap.cpp
In create of FileMap.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-8.0, Android-8.1, Android-9; Android ID: A-156997193.
CVSS 7.8
CVE-2020-0401 NOMISEC HIGH WORKING POC
Android - Missing Authorization in PackageManagerService
In setInstallerPackageName of PackageManagerService.java, there is a missing permission check. This could lead to local escalation of privilege and granting spurious permissions with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.0, Android-8.1, Android-9, Android-10, Android-11; Android ID: A-150857253.
CVSS 7.8
CVE-2020-0391 NOMISEC HIGH WORKING POC
Android - Local Privilege Escalation via Unenforced Protected Broadcast
In applyPolicy of PackageManagerService.java, there is possible arbitrary command execution as System due to an unenforced protected-broadcast. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11; Android ID: A-158570769.
CVSS 7.8